BF-SIRT Newsletter 2018-14

Intel tells remote keyboard users to delete app after critical bug found.

On Tuesday, Intel warned of a critical escalation of privilege vulnerability (CVE-2018-3641) in all versions of the Intel Remote Keyboard that allows a network attacker to inject keystrokes as a local user.

The vulnerability received a Common Vulnerability Scoring System (CVSS) score of 9.0 out of 10.

As part of the same advisory, Intel shared two additional Remote Keyboard vulnerabilities, both rated high. The bugs (CVE-2018-3645 and CVE-2018-3638) allow an “authorized local attacker to execute arbitrary code as a privileged user” and had CVSS scores of 8.8 and 7.2, according to Intel.

An Intel spokesperson told Threatpost the product had already been scheduled for discontinuation, and the discontinuation is not related to the security advisory. Although the app is being discontinued, Intel still maintains a Remote Keyboard product page for it, and it is still available for download via Apple’s App Store and Google Play. According to Google Play, the app has been installed over 500,000 times.

 

Top 5 Security links
https://blog.cloudflare.com/announcing-1111/
https://www.elastic.co/blog/gdpr-personal-data-pseudonymization-part-1
https://krebsonsecurity.com/2018/04/secret-service-warns-of-chip-card-scheme/
https://blog.infostruction.com/2018/04/02/feodo-banking-trojan-dropper-analysis/
https://www.commondreams.org/news/2018/04/05/not-50-million-not-87-million-facebook-admits-data-most-its-2-billion-users